Network

Security

Chapter 2

Symmetric Encryption and

Message Confidentiality
 Quotation

“I have solved other ciphers of an abstruseness ten thousand times

greater. Circumstances, and a certain bias of mind, have led me to take
interest in such riddles, and it may well be doubted whether human
ingenuity can construct an enigma of the kind which human ingenuity
may not, by proper application, resolve.”

—The Gold Bug, Edgar Allen Poe

2 2/12/2022
 Quotation
Amongst the tribes of Central Australia every man, woman, and child
has a secret or sacred name which is bestowed by the older men upon
him or her soon after birth, and which is known to none but the fully
initiated members of the group. This secret name is never mentioned
except upon the most solemn occasions; to utter it in the hearing of men
of another group would be a most serious breach of tribal custom.
When mentioned at all, the name is spoken only in a whisper, and not
until the most elaborate precautions have been taken that it shall be
heard by no one but members of the group. The native thinks that a
stranger knowing his secret name would have special power to work him
ill by means of magic.

—The Golden Bough,

3
Sir James George Frazer
2/12/2022
Some Basic Terminology
• Plaintext - original message

• Ciphertext - coded message

• Cipher - algorithm for transforming plaintext to ciphertext

• Key - info used in cipher known only to sender/receiver

• Encipher (encrypt) - converting plaintext to ciphertext

• Decipher (decrypt) - recovering ciphertext from plaintext

• Cryptography - study of encryption principles/methods

• Cryptanalysis (code breaking) - study of principles/methods of

deciphering ciphertext without knowing key

• Cryptology - field of both cryptography and cryptanalysis

4 2/12/2022
5 2/12/2022
 Requirements
• There are two requirements for secure use of symmetric
encryption:
• A strong encryption algorithm
• Sender and receiver must have obtained copies of the secret key
in a secure fashion and must keep the key secure

• The security of symmetric encryption depends on the

secrecy of the key, not the secrecy of the algorithm
• This makes it feasible for widespread use
• Manufacturers can and have developed low-cost chip
implementations of data encryption algorithms
• These chips are widely available and incorporated into a
number of products

6 2/12/2022
 Cryptography

• The type of operations used for transforming plaintext to

ciphertext
• Substitution
• Each element in the plaintext is mapped into another element
Cryptographic • Transposition
• Elements in the plaintext are rearranged
systems are • Fundamental requirement is that no information be lost
generically • Product systems
• Involve multiple stages of substitutions and transpositions
classified • The number of keys used
along three • Referred to as symmetric, single-key, secret-key, or conventional
encryption if both sender and receiver use the same key
independent • Referred to as asymmetric, two-key, or public-key encryption if
the sender and receiver each use a different key
dimensions: • The way in which the plaintext is processed
• Block cipher processes the input one block of elements at a time,
producing an output block for each input block
• Stream cipher processes the input elements continuously,
producing output one element at a time, as it goes along
7 2/12/2022
 Table 2.1
8 Types of Attacks on Encrypted Messages 2/12/2022
 cryptanalysis

• An encryption scheme is computationally secure if the

ciphertext generated by the scheme meets one or both
of the following criteria:
• The cost of breaking the cipher exceeds the value of the
encrypted information
• The time required to break the cipher exceeds the useful
lifetime of the information

9 2/12/2022
 Brute Force attack
• Involves trying every possible key until an intelligible
translation of the ciphertext into plaintext is obtained
• On average, half of all possible keys must be tried to
achieve success
• Unless known plaintext is provided, the analyst must
be able to recognize plaintext as plaintext
• To supplement the brute-force approach
• Some degree of knowledge about the expected plaintext
is needed
• Some means of automatically distinguishing plaintext
from garble is also needed
10 2/12/2022
11 2/12/2022
 Feistel Cipher Design
Elements
Subkey generation
• The essence of a algorithm
• Larger block Key size symmetric block
sizes mean cipher is that a • Greater
greater security • Larger key size single round offers complexity in
but reduced means greater inadequate security this algorithm
encryption/decry security but may but that multiple should lead to
ption speed decrease rounds offer greater difficulty
encryption/decrypti increasing security of cryptanalysis
on speed
Block size
Number of rounds

Fast software • If the algorithm can be

• Greater encryption/decryp
complexity concisely and clearly
tion explained, it is easier to
generally means
greater resistance • In many cases, encryption is analyze that algorithm
to cryptanalysis embedded in applications or for cryptanalytic
utility functions in such a way vulnerabilities and
as to preclude a hardware therefore develop a
Round function implementation; accordingly, higher level of assurance
the seed of execution of the as to its strength
algorithm becomes a concern
Ease of analysis
2/12/2022 12
 Symmetric Block
encryption algorithms
• Block cipher
Data
• The most commonly Encryption
Standard
used symmetric (DES)
encryption algorithms
• Processes the plaintext The three most
input in fixed-sized important
blocks and produces a symmetric
block of ciphertext of
Advanced
block ciphers
equal size for each Encryption Triple DES
Standard (3DES)
plaintext block (AES)

13 2/12/2022
 Data Encryption
Standard (DES)
• Most widely used encryption scheme

• Issued in 1977 as Federal Information Processing

Standard 46 (FIPS 46) by the National Institute of
Standards and Technology (NIST)

• The algorithm itself is referred to as the Data

Encryption Algorithm (DEA)

14 2/12/2022
 DES algorithm
• Description of the algorithm:
• Plaintext is 64 bits in length
• Key is 56 bits in length
• Structure is a minor variation of the Feistel network
• There are 16 rounds of processing
• Process of decryption is essentially the same as the encryption
process

• The strength of DES:

• Concerns fall into two categories
• The algorithm itself
• Refers to the possibility that cryptanalysis is possible by exploiting
the characteristics of the algorithm
• The use of a 56-bit key
• Speed of commercial, off-the-shelf processors threatens the security

15 2/12/2022
 Table 2.2
Average Time Required for Exhaustive
Key Search

16 2/12/2022
17 2/12/2022
 3DES guidelines

• FIPS 46-3 includes the following guidelines for 3DES:

• 3DES is the FIPS-approved symmetric encryption
algorithm of choice
• The original DES, which uses a single 56-bit key, is
permitted under the standard for legacy systems only;
new procurements should support 3DES
• Government organizations with legacy DES systems are
encouraged to transition to 3DES
• It is anticipated that 3DES and the Advanced Encryption
Standard (AES) will coexist as FIPS-approved
algorithms, allowing for a gradual transition to AES

18 2/12/2022
Advanced encryption
standard (AES)
• In 1997 NIST issued a call for proposals for a new AES:
• Should have a security strength equal to or better than 3DES
and significantly improved efficiency
• Must be a symmetric block cipher with a block length of 128
bits and support for key lengths of 128, 192, and 256 bits
• Evaluation criteria included security, computational efficiency,
memory requirements, hardware and software suitability, and
flexibility

• NIST selected Rijndael as the proposed AES algorithm

• FIPS PUB 197
• Developers were two cryptographers from Belgium: Dr. Joan
Daemen and Dr. Vincent Rijmen

19 2/12/2022
20 2/12/2022
21 2/12/2022
 Random and
pseudorandom Numbers
• A number of network security algorithms based on
cryptography make use of random numbers
• Examples:
• Generation of keys for the RSA public-key encryption
algorithm and other public-key algorithms
• Generation of a symmetric key for use as a temporary session
key; used in a number of networking applications such as
Transport Layer Security, Wi-Fi, e-mail security, and IP security
• In a number of key distribution scenarios, such as Kerberos,
random numbers are used for handshaking to prevent replay
attacks

• Two distinct and not necessarily compatible requirements

for a sequence of random numbers are:
• Randomness
• Unpredictability
2/12/2022 22
 Randomness
• The following criteria are used to validate that a
sequence of numbers is random:

• The distribution of bits in the sequence

should be uniform
Uniform • Frequency of occurrence of ones and
zeros should be approximately the same
distribution

• No one subsequence in the sequence can be

inferred from the others
• There is no test to “prove” independence
Independence • The general strategy is to apply a number of
tests until the confidence that independence
exists is sufficiently strong

23 2/12/2022
 unpredictability
• In applications such as reciprocal authentication and
session key generation, the requirement is not so much
that the sequence of numbers be statistically random
but that the successive members of the sequence are
unpredictable
• With “true” random sequences, each number is
statistically independent of other numbers in the
sequence and therefore unpredictable
• Care must be taken that an opponent not be able to
predict future elements of the sequence on the basis of
earlier elements

24 2/12/2022
25 2/12/2022
 Algorithm design

• Designed specifically and solely for the purpose of

Purpose-built algorithms generating pseudorandom bit streams

Algorithms based on • Cryptographic algorithms have the effect of

existing cryptographic randomizing input
algorithms • Can serve as the core of PRNGs

Three broad categories of • Symmetric block ciphers

cryptographic algorithms
• Asymmetric ciphers
are commonly used to
create PRNGs: • Hash functions and message authentication codes

26 2/12/2022
27 2/12/2022
 Stream Cipher design
considerations
• The encryption sequence should have a large period
• The longer the period of repeat, the more difficult it will be to do
cryptanalysis

• The keystream should approximate the properties of a true

random number stream as close as possible
• The more random-appearing the keystream is, the more
randomized the ciphertext is, making cryptanalysis more difficult

• The pseudorandom number generator is conditioned on the value

of the input key
• To guard against brute-force attacks, the key needs to be
sufficiently long
• With current technology, a key length of at least 128 bits is
desirable

28 2/12/2022
 RC4 algorithm
• A stream cipher designed in 1987 by Ron Rivest for RSA
Security
• It is a variable key-size stream cipher with byte-oriented
operations
• The algorithm is based on the use of a random permutation
• Is used in the Secure Sockets Layer/Transport Layer
Security (SSL/TLS) standards that have been defined for
communication between Web browsers and servers
• Also used in the Wired Equivalent Privacy (WEP) protocol
and the newer WiFi Protected Access (WPA) protocol that
are part of the IEEE 802.11 wireless LAN standard
29 2/12/2022
30 2/12/2022
 Cipher block Modes
of Operation
• A symmetric block cipher processes one block of data at a
time
• In the case of DES and 3DES, the block length is b=64 bits
• For AES, the block length is b=128
• For longer amounts of plaintext, it is necessary to break the
plaintext into b-bit blocks, padding the last block if necessary

• Five modes of operation have been defined by NIST

• Intended to cover virtually all of the possible applications of
encryption for which a block cipher could be used
• Intended for use with any symmetric block cipher, including
triple DES and AES

31 2/12/2022
 Electronic
Codebook Mode (ECB)
• Plaintext is handled b bits at a time and each block of plaintext is
encrypted using the same key
• The term “codebook” is used because, for a given key, there is a
unique ciphertext for every b-bit block of plaintext
• One can imagine a gigantic codebook in which there is an entry
for every possible b-bit plaintext pattern showing its corresponding
ciphertext

• With ECB, if the same b-bit block of plaintext appears more than
once in the message, it always produces the same ciphertext
• Because of this, for lengthy messages, the ECB mode may not be
secure
• If the message is highly structured, it may be possible for a
cryptanalyst to exploit these regularities

2/12/2022 32
33 2/12/2022
34 2/12/2022
35 2/12/2022
Advantages of CTR mode
• Hardware efficiency
• Encryption/decryption can be done in parallel on multiple blocks of plaintext or ciphertext
• Throughput is only limited by the amount of parallelism that is achieved

• Software efficiency
• Because of the opportunities for parallel execution, processors that support parallel features can
be effectively utilized

• Preprocessing
• The execution of the underlying encryption algorithm does not depend on input of the plaintext
or ciphertext --- when the plaintext or ciphertext input is presented, the only computation is a
series of XORs, greatly enhancing throughput

• Random access
• The ith block of plaintext or ciphertext can be processed in random-access fashion

• Provable security
• It can be shown that CTR is at least as secure as the other modes discussed in this section

• Simplicity
• Requires only the implementation of the encryption algorithm and not the decryption algorithm
36 2/12/2022
 summary
• Symmetric encryption • Random and pseudorandom
principles numbers
• Cryptography • The use of random numbers
• Cryptanalysis • TRNGs, PRNGs, PRFs
• Feistel cipher structure • Algorithm design

• Symmetric block encryption • Stream ciphers and RC4

algorithms • Stream cipher structure
• Data encryption standard • RC4 algorithm
• Triple DES
• Advanced encryption • Cipher block modes of
standard operation
• ECB
• CBC
• CFB
• CTR
37 2/12/2022